5 matches found
EUVD-2023-43551
Malicious code in bioql PyPI...
CVE-2023-39851
webchess v1.0 was discovered to contain a SQL injection vulnerability via the $playerID parameter at mainmenu.php. NOTE: this is disputed by a third party who indicates that the playerID is a session variable controlled by the server, and thus cannot be used for exploitation...
Sql injection
DISPUTED webchess v1.0 was discovered to contain a SQL injection vulnerability via the $playerID parameter at mainmenu.php. NOTE: this is disputed by a third party who indicates that the playerID is a session variable controlled by the server, and thus cannot be used for exploitation...
CVE-2023-39851
webchess v1.0 was discovered to contain a SQL injection vulnerability via the $playerID parameter at mainmenu.php. NOTE: this is disputed by a third party who indicates that the playerID is a session variable controlled by the server, and thus cannot be used for exploitation...
CVE-2023-39851
WebChess v1.0 contains a SQL injection vulnerability in mainmenu.php via the $playerID parameter. Root cause: lack of input validation/ sanitization allows external SQL input to be executed, potentially leaking sensitive data. Some sources dispute exploitability, noting $playerID may be server-co...